ENISA tells banks to assume that all customer PCs are infected with malware

(LiveHacking.Com) – The EU’s cyber security agency ENISA (European Network and Information Security Agency) has released a report in response to the “High Roller” cyber-attacks. These attacks targetted corporate bank accounts and, according to a report recently published by McAfee and Guardian Analytics, are responsible for the loss of tens of millions dollars.

As part of the recommendations, ENISA has told the banking industry to assume that all PCs are infected with malware. The “High Roller” cyber-attacks used the infamous Zeus malware, which isn’t universally detected by anti-malware programs and as such it is safer for banks to assume that all of its customers’ PCs are infected.

The report also mentions that basic two factor authentication does not prevent man-in-the-middle attacks on transactions. Therefore, ENISA recommends that banks cross check with their customers the details of certain types of transactions. These cross checks can be performed via SMS or a telephone call.

ENISA also calls on the different national Computer Emergency Response Teams (CERTs) and law enforcement agencies to cooperate closer to help bring down the command and control servers used by the criminals.

The recommendations have been published due to the nature of the “High Roller” attacks. First, these attacks are highly automated making them fast and easily missed. Second, the attacks are sophisticated with the ability to bypass two-factor authentication and fraud detection. Thirdly, the attacks are highly targeted. Only PCs from users with corresponding high balances were targeted.